Re: [rdiff-backup-users] Incremental, automated, remote, secure

From:

Grant

Subject:

Re: [rdiff-backup-users] Incremental, automated, remote, secure

Date:

Thu, 18 Jul 2013 07:53:39 -0700

>>> I'm struggling to devise an incremental, automated backup scheme that
>>> remotely and securely backs up data from one system to another,
>>> preserves permissions and ownership, and keeps the backups safe even
>>> if the backed-up system is compromised. Would the following work?
>>
>> What are you calling "compromised?" Because the proposed solution you
>> mentioned didn't even mention encryption. So I guess you must be
>> saying "compromised" when you're really talking about the backup
>> system being damaged or otherwise suffering data integrity failure.
>>
>> Either way, the answer is, "you can't, with anything, ever."
>>
>> If you are talking about security compromised, then all you can do is
>> encrypt data before it leaves original server, and run integrity
>> checks on it. You'll keep your data private, even on a compromised
>> system, but you'll be subject to tampering. You'll be able to detect
>> tampering, but you will not be able to recover.
>>
>> If you are talking about integrity compromised, on both your original
>> and backup systems... Well ... Then the data integrity was
>> compromised on both your original and backup copies. Sorry, nothing
>> can protect you from that, except having more redundant copies.
>
> I think the OP was talking about
>
> client with data to be backed up
>
> server to store backups
>
> at some point, *client* is compromised
>
> the desired security property is for the client not to be able to
> modify/delete the backups that happened before the compromise
Exactly, yes. I will add encryption soon.
- Grant